1. (Currently Amended) A data transmitting system comprising a portable data
recording medium and a drive unit which accesses the portable data recording medium,

the portable data recording medium including:

a security module comprising a nonvolatile memory which executes a
mutual authentication protocol with the drive unit; and

a storage area distinct from the security module [[recording medium proper]];

and

the drive unit including:

a controller which executes the mutual authentication protocol when
accessing the portable data recording medium; and

an interface unit which accesses the storage area [[recording medium
proper]] of the data recording medium.

[[wherein the data recording medium has self identification data stored therein;]]

[[wherein the drive unit further includes a storage unit having self identification
data stored therein; and]]

[[wherein the security module of the data recording medium and controller of the
drive unit exchange their own identification data between them to check whether their
counterpart's own identification data is registered in an illegal unit revocation list, when
executing the mutual authentication protocol, and will not go through subsequent
processes after execution of the mutual authentication protocol if the checking result
shows that the drive unit is a unit having to be revoked.]]

2. (Currently Amended) The system as set forth in Claim 1, wherein the mutual
authentication protocol uses [[the]] public-key encryption technology.

3. (Currently Amended) The system as set forth in Claim 1, wherein the storage
area is [[data recording medium includes the security module and]] a disc [[as the data
recording medium proper]].

4. (Currently Amended) The system as set forth in Claim 3, wherein the drive unit
further includes means for driving the disc [[as the recording medium proper of the data
recording medium]].

5. (Currently Amended) The system as set forth in Claim [[17]] 1, wherein the
interface unit accesses the storage area directly [[the recording medium proper]].

6. (Currently Amended) The system as set forth in Claim 1, wherein the storage
area is [[data recording medium includes the security module and]] a memory chip [[as the
recording medium proper]].

7. (Currently Amended) The system as set forth in Claim 1, wherein the interface
unit accesses the storage area [[data recording medium]] via the security module [[of the
data recording medium]].

8. (Canceled) 

9. (Currently Amended) The system as set forth in Claim 1, wherein [[the]]
identification data of the portable data recording medium is stored in the security 
module. 

10. (Currently Amended) The system as set forth in Claim 1, wherein [[the data
recording medium has the list stored in]] the security module stores a revocation list of
illegal drive units [[thereof]].

11. (Currently Amended) The system as set forth in Claim 1, wherein the storage
area stores a revocation list of illegal drive units [[data recording medium has the list
stored in the recording medium proper thereof]].

12. (Currently Amended) The system as set forth in Claim 1, wherein the drive
unit stores a revocation list of illegal recording media [[has the list stored in the storage
unit thereof]].

13. (Currently Amended) The system as set forth in Claim [[17]] 1, wherein the
drive unit does not store a revocation list of illegal recording media [[has not the list
stored in the storage unit thereof]].

14. (Currently Amended) The system as set forth in Claim [[17]] 1, wherein the
[[there is executed a]] mutual authentication protocol executes independently of whether
the drive unit or the portable data recording medium contains an illegal unit revocation
list [[corresponding to whether either or both of the security module and drive unit itself
holds the list or not]].

15. (Currently Amended) The system as set forth in Claim [[17]] 1, wherein the
controller of the drive unit judges whether or not the [[data recording medium is a one
whose]] security module has an illegal unit revocation [[the]] list stored therein, and
executes [[a]] the mutual authentication protocol [[which is]] based on the judgment [[result]].

16. (Canceled) 

17. (Currently Amended) The system as set forth in Claim 1, wherein: 

the portable data recording medium stores therein a first version of an [[the]]
illegal unit revocation list and a first list version number;

the drive unit stores therein a second version of the illegal unit revocation list and
a second list version number; and

the data recording medium and the drive unit exchange the first and second
version numbers [[of]] when executing the mutual authentication protocol, and
whichever has a newer version of the illegal unit revocation list sends the newer version
of the illegal unit revocation list to the other [[while the other having an older version
updates its version list with the newer version]].

18. (Currently Amended) The system as set forth in Claim [[1]] 17, wherein: 

the portable data recording medium has the first list version number [[stored
therein]] and the first version of the illegal unit revocation list stored in the storage area
[[list itself recorded in the recording medium proper thereof]];

the drive unit comprises a storage unit and stores [[has]] the second list version
number and the second version of the illegal unit revocation list stored in the storage
unit [[list itself stored in the storage unit thereof]];

the security module of the portable data recording medium and controller of the
drive unit exchange the first version number and the second version number [[version
numbers of their own revocation lists between them]] when executing the mutual
authentication protocol; and

the portable data recording medium and drive unit exchange the list with the
newer version number [[the drive unit will write the list to the data recording medium
when the list stored in the storage unit of the drive unit is newer, while it will read the
list from the data recording medium and update its own list with the list read from the
data recording medium when its own list is older]].

19. (Currently Amended) The system as set forth in Claim 1, wherein both the
drive unit checks a second version of an illegal unit revocation list to authenticate the
security module and the security module checks a first version of the illegal unit
revocation list to authenticate the drive unit [[check, using their own new lists, whether or
not their counterpart's identification data are registered in the lists, respectively]].

20. (Currently Amended) The system as set forth in Claim 17, wherein:

the drive unit further stores identification [[includes a storage unit having self
identification]] data [[stored therein]]; and

the security module [[of the data recording medium]] receives the identification data
from the drive unit and checks whether or not the identification data of the drive unit is
registered in the illegal unit revocation list, when executing the mutual authentication
protocol, and will not go through subsequent processes after execution of the mutual
authentication protocol if [[the checking result shows that]] the drive unit is [[a unit having
to be]] revoked.

21. (Currently Amended) The system as set forth in Claim 17, wherein:

the portable data recording medium stores identification data [[has
self-identification data stored therein]]; and

the controller of the drive unit receives the identification data from the security
module and checks whether or not the identification data of the portable data recording
medium [[security module]] is registered in the illegal unit revocation list, when executing
the mutual authentication protocol, and will not go through subsequent processes after
execution of the mutual authentication protocol if [[the checking result shows that]] the
portable data recording medium [[drive unit]] is [[a unit having to be]] revoked.

22. (Currently Amended) The system as set forth in Claim [[1]] 17, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

23. (Currently Amended) The system as set forth in Claim [[1]] 17, wherein the
illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

24. (Currently Amended) The system as set forth in Claim [[1]] 17, wherein the 
illegal unit revocation list includes: 

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

25. (Currently Amended) The system as set forth in Claim [[1]] 17, wherein the 
illegal unit revocation list includes: 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.
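
The list handling recited in claims 17 to 24, shown as an added Python sketch that is not part of the claim listing or the application: version numbers are compared first, the newer list overwrites the older one, and only then does each side check its counterpart's identification data. The class names, unit IDs and list contents are constructed for illustration, and the exchanged ID is assumed to be already authenticated by the public-key protocol.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class UnitLists:
    """One version of the illegal unit revocation list (hypothetical layout)."""
    version: int
    revoked: FrozenSet[str] = frozenset()        # revocation list: IDs of revoked units
    registered: Optional[FrozenSet[str]] = None  # registration list: IDs of units not revoked

    def is_revoked(self, unit_id: str) -> bool:
        if unit_id in self.revoked:
            return True
        # With a registration list present, absence from it also means revoked.
        return self.registered is not None and unit_id not in self.registered


@dataclass
class Party:
    """A drive unit or a medium's security module: its own ID plus its stored list."""
    unit_id: str
    lists: UnitLists


def sync_lists(medium: Party, drive: Party) -> Optional[str]:
    """Compare list version numbers; the holder of the older list takes the newer one.

    Returns which side was updated ("medium" or "drive"), or None if versions match.
    """
    if drive.lists.version > medium.lists.version:
        medium.lists = drive.lists      # drive writes its list to the medium
        return "medium"
    if medium.lists.version > drive.lists.version:
        drive.lists = medium.lists      # drive reads the list from the medium
        return "drive"
    return None


def mutual_authenticate(medium: Party, drive: Party) -> Tuple[bool, str]:
    """Sync lists first, then let each side check the other's ID against its list."""
    sync_lists(medium, drive)
    if medium.lists.is_revoked(drive.unit_id):
        return False, "drive revoked"    # security module refuses further processing
    if drive.lists.is_revoked(medium.unit_id):
        return False, "medium revoked"   # drive controller refuses further processing
    return True, "authenticated"


def demo() -> Tuple[List[Tuple[bool, str]], int]:
    # Constructed sample data.
    v3 = UnitLists(3, revoked=frozenset({"DRV-0007"}))
    v5 = UnitLists(5, revoked=frozenset({"DRV-0007", "DRV-0042", "MED-0900"}))
    field_drive = Party("DRV-0001", v3)      # legitimate drive holding a stale list
    fresh_medium = Party("MED-0100", v5)     # newly produced medium carrying v5
    revoked_medium = Party("MED-0900", v3)
    revoked_drive = Party("DRV-0042", v3)
    results = [
        mutual_authenticate(fresh_medium, field_drive),    # drive picks up v5
        mutual_authenticate(revoked_medium, field_drive),  # drive now rejects MED-0900
        mutual_authenticate(fresh_medium, revoked_drive),  # medium rejects DRV-0042
    ]
    return results, field_drive.lists.version


if __name__ == "__main__":
    print(demo())
```

The second result is the point of the version exchange: the drive never contacted an issuer, yet it rejects a medium revoked after its own list was written, because an earlier medium carried the newer list to it.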

26. (Currently Amended) The system as set forth in Claim 1, wherein when
executing the mutual authentication protocol, the drive unit and the security module
execute a key sharing protocol using [[the]] public-key encryption technology, encrypt a
[[data encrypting]] content key with a shared key [[thus obtained]], and transfer [[send]] the
encrypted content key [[from one of them to the other]].

27. (Currently Amended) The system as set forth in Claim 1, wherein when
executing the mutual authentication protocol, the drive unit and the security module
execute a key sharing protocol using [[the]] public-key encryption technology, encrypt
data with a shared key [[thus obtained]], and transfer [[send]] the encrypted data [[from one of
them to the other]].

28. (Currently Amended) The system as set forth in Claim 1, wherein: 

the drive unit is to write data to the storage area of the portable data recording
medium [[recording medium proper]] via the interface unit;

the drive unit and the security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit encrypts a [[data encrypting]] content key with a shared key [[obtained
of the key sharing protocol]] and sends the encrypted [[data encrypting]] content key to the
security module; and

the security module decrypts the encrypted content key [[received from the drive
unit with the shared key obtained of the key sharing protocol]], re-encrypts the decrypted
content key with a save key stored therein and sends the re-encrypted content key to
the drive unit; and

the drive unit writes to the storage area of the portable data recording medium
[[proper via the interface unit]] the data encrypted with the content key and the content key
encrypted [[by the security module]] using the save key.

29. (Currently Amended) The system as set forth in Claim 1, wherein:

the drive unit is to read data from the storage area [[recording medium proper]] via
the interface unit;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit reads the encrypted content key from the storage area [[recording
medium proper]] and sends the [[read]] content key to the security module;

the security module decrypts the encrypted content key received from the drive
unit with [[the]] a save key stored therein, re-encrypts the decrypted content key with the
shared key [[obtained of the key sharing protocol]] and sends the re-encrypted content key
to the drive unit; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key [[obtained of the key sharing protocol]], reads the content
key-encrypted data from the storage area [[recording medium proper]] and decrypts the [[read]]
data.
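
The write path of claim 28 and the read path of claim 29, shown as an added Python sketch that is not part of the claim listing or the application: the content key crosses the interface only under the shared key and rests in the storage area only under the save key, so a copy of the storage area placed on another medium does not decrypt. Assumptions: a toy Diffie-Hellman and a hash-based cipher stand in for the unspecified key sharing protocol and encryption, all names are hypothetical, and mutual authentication is taken as already passed.

```python
import hashlib
import hmac
import secrets

P = 2**255 - 19   # prime modulus for the toy key sharing protocol (assumption)
G = 2


def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def dh_shared(priv, peer_pub):
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()


def _stream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key, data):
    """Toy authenticated encryption: nonce || ciphertext || HMAC tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified data")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


class SecurityModule:
    def __init__(self):
        self._save_key = secrets.token_bytes(32)   # never leaves the module
        self._shared = None

    def key_share(self, drive_pub):
        priv, pub = dh_keypair()
        self._shared = dh_shared(priv, drive_pub)
        return pub

    def rewrap_for_storage(self, wrapped):   # claim 28: shared key -> save key
        return seal(self._save_key, unseal(self._shared, wrapped))

    def rewrap_for_drive(self, stored):      # claim 29: save key -> shared key
        return seal(self._shared, unseal(self._save_key, stored))


class Medium:
    def __init__(self):
        self.module = SecurityModule()
        self.storage = {}                    # storage area distinct from the module


class Drive:
    def _session(self, medium):
        priv, pub = dh_keypair()
        return dh_shared(priv, medium.module.key_share(pub))

    def write(self, medium, data):
        shared = self._session(medium)
        content_key = secrets.token_bytes(32)
        stored_key = medium.module.rewrap_for_storage(seal(shared, content_key))
        medium.storage = {"key": stored_key, "data": seal(content_key, data)}

    def read(self, medium):
        shared = self._session(medium)
        wrapped = medium.module.rewrap_for_drive(medium.storage["key"])
        return unseal(unseal(shared, wrapped), medium.storage["data"])


def demo():
    drive, original, copy = Drive(), Medium(), Medium()
    drive.write(original, b"constructed sample payload")
    copy.storage = dict(original.storage)    # bit-for-bit copy of the storage area
    try:
        drive.read(copy)
        copied = "readable"
    except ValueError:
        copied = "rejected"
    return drive.read(original), copied
```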

30. (Currently Amended) The system as set forth in Claim 1, wherein:

the drive unit is to write data to the storage area [[recording medium proper]] via the
interface unit;

the interface unit accesses the storage area [[recording medium proper]] via the
security module of the data recording medium;

the drive unit and the security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit sends to the security module a [[data encrypting]] content key [[and
having been]] encrypted with a shared key, [[obtained of the key sharing protocol]] and data
encrypted with the content key; and

the security module decrypts the encrypted content key received from the drive
unit with the shared key [[obtained through the execution of the key sharing protocol]] and
records to the storage area [[recording medium proper]] the content key re-encrypted with
a save key stored in the security module and data encrypted with the content key
received from the drive unit.

31. (Currently Amended) The system as set forth in Claim 1, wherein:

the drive unit is to write data to the storage area [[recording medium proper]] via the
interface unit;

the interface unit accesses the storage area [[recording medium proper]] via the
security module of the portable data recording medium;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit encrypts data with a shared key [[obtained through the execution of
the key sharing protocol]] and sends the data thus encrypted to the security module; and

the security module decrypts the encrypted data received from the drive unit with
the shared key, encrypts the decrypted data and stores the encrypted data into the
storage area [[recording medium proper]].

32. (Currently Amended) The system as set forth in Claim 1, wherein:

the drive unit is to read data from the storage area [[recording medium proper]] via
the interface unit;

the interface unit accesses the storage area [[recording medium proper]] via the
security module of the portable data recording medium;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the security module reads from the storage area [[recording medium proper]] an
encrypted content key and data encrypted with the content key, decrypts the encrypted
content key with a save key stored therein and sends to the drive unit the content key
re-encrypted with a shared key [[obtained through the execution of the key sharing
protocol]] and data encrypted with the content key read from the storage area [[recording
medium proper]]; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key [[obtained through the execution of the key sharing protocol]]
and decrypts the encrypted data with the content key.

33. (Currently Amended) The system as set forth in Claim 1, wherein:

the drive unit is to read data from the storage area [[recording medium proper]] via
the interface unit;

the interface unit accesses the storage area [[recording medium proper]] via the
security module [[of the data recording medium]];

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the security module reads data encrypted and stored in the portable data
recording medium, decrypts the encrypted data with the content key, re-encrypts the
decrypted data with a [[by the user of the]] shared key [[obtained through the execution of
the key sharing protocol]] and sends the re-encrypted data to the drive unit; and

the drive unit decrypts, with the shared key [[obtained through the execution of the
key sharing protocol]], the encrypted data received from the security module.

34. (Currently Amended) A data transmitting method [[for transferring data
between a data recording medium having a recording medium proper and a drive unit
which accesses the data recording medium, the method]] comprising [[steps of]]:

executing a mutual authentication protocol between a [[controller provided in the]]
drive unit and a portable data recording medium, the portable data recording medium
including a security module comprising a nonvolatile memory and a storage area
distinct from the security module [[provided in the data recording medium]]; and

accessing, by the drive unit, the storage area distinct from the security module
[[recording medium proper of the data recording medium according to the result of the
mutual authentication protocol execution;]]

[[wherein the data recording medium has self identification data stored therein;]]

[[wherein the drive unit further includes a storage unit having self identification
data stored therein; and]]

[[wherein the security module of the data recording medium and controller of the
drive unit exchange their own identification data between them to check whether their
counterpart's identification data is registered in an illegal unit revocation list, when
executing the mutual authentication protocol, and will not go through subsequent
processes after execution of the mutual authentication protocol if the checking result
shows that the drive unit is a unit having to be revoked]].

35. (Currently Amended) The method as set forth in Claim 34, wherein the
mutual authentication protocol uses [[is a protocol using the]] public-key encryption
technology.

36. (Currently Amended) The method as set forth in Claim 47, wherein the
[[interface unit of the]] drive unit accesses the storage area directly [[the recording medium
proper]].

37. (Currently Amended) The method as set forth in Claim 34, wherein the
[[interface unit of the]] drive unit accesses the storage area [[data recording medium]] via the
security module [[of the data recording medium]].

38. (Canceled) 

39. (Currently Amended) The method as set forth in Claim 34, wherein [[the data
recording medium has the]] identification data of the portable data recording medium is
stored in the security module [[thereof]].

40. (Currently Amended) The method as set forth in Claim 34, wherein [[the data
recording medium has the list stored in]] the security module stores a revocation list of
illegal drive units [[thereof]].

41. (Currently Amended) The method as set forth in Claim 34, wherein the
storage area stores a revocation list of illegal drive units [[data recording medium has the
list stored in the recording medium proper thereof]].

42. (Currently Amended) The method as set forth in Claim 34, wherein the drive
unit stores a revocation list of illegal recording media [[has the list stored in the storage
unit thereof]].

43. (Currently Amended) The method as set forth in Claim [[47]] 34, wherein the
drive unit does not store a revocation list of illegal recording media [[has not the list
stored in the storage unit thereof]].

44. (Currently Amended) The method as set forth in Claim [[47]] 34, wherein
[[there is executed]] a mutual authentication protocol executes independently of whether
the drive unit or the portable data recording medium contains an illegal unit revocation
list [[corresponding to whether either or both of the drive unit and data recording medium
holds the above list or not]].

45. (Currently Amended) The method as set forth in Claim [[47]] 34, wherein the
[[controller of the]] drive unit judges whether or not the [[data recording medium is a one
whose]] security module has an illegal unit revocation [[the]] list stored therein, and
executes [[a]] the mutual authentication protocol [[which is]] based on the judgment [[result]].

46. (Canceled) 

47. (Currently Amended) The method as set forth in Claim 34, wherein: 

the portable data recording medium stores therein a first version of an [[the]]
illegal unit revocation list and a first list version number;

the drive unit stores therein a second version of the illegal unit revocation list and
a second list version number; and

the data recording medium and the drive unit exchange the first and second
version numbers [[of]] when executing the mutual authentication protocol, and
whichever has a newer version of the illegal unit revocation list sends the newer version
of the illegal unit revocation list to the other [[while the other having an older version
updates its version list with the newer version]].

48. (Currently Amended) The method as set forth in Claim 34, wherein: 

the portable data recording medium has the first list version number [[stored
therein]] and the first version of the illegal unit revocation list stored in the storage area
[[list itself recorded in the recording medium proper thereof]];

the drive unit comprises a storage unit and stores [[has]] the second list version
number and the second version of the illegal unit revocation list stored in the storage
unit [[list itself stored in the storage unit thereof]];

the security module of the portable data recording medium and controller of the
drive unit exchange the first version number and the second version number [[version
numbers of their own revocation lists between them]] when executing the mutual
authentication protocol; and

the portable data recording medium and drive unit exchange the list with the
newer version number [[the drive unit will write the list to the data recording medium
when the list stored in the storage unit of the drive unit is newer, while it will read the
list from the data recording medium and update its own list with the list read from the
data recording medium when its own list is older]].

49. (Currently Amended) The method as set forth in Claim 34, wherein both the
drive unit checks the second version of the illegal unit revocation list to authenticate the
security module and the security module checks the first version of the illegal unit
revocation list to authenticate the drive unit [[check, using their own new lists, whether or
not their counterpart's identification data are registered in the lists, respectively]].

50. (Currently Amended) The method as set forth in Claim 47, wherein:

the drive unit further stores identification [[includes a storage unit having self
identification]] data [[stored therein]]; and

the security module [[of the data recording medium]] receives the identification data
from the drive unit and checks whether or not the identification data of the drive unit is
registered in the illegal unit revocation list, when executing the mutual authentication
protocol, and will not go through subsequent processes after execution of the mutual
authentication protocol if [[the checking result shows that]] the drive unit is [[a unit having
to be]] revoked.

51. (Currently Amended) The method as set forth in Claim 47, wherein:

the portable data recording medium stores identification data [[has
self-identification data stored therein]]; and

the [[controller of the]] drive unit receives the identification data from the security
module and checks whether or not the identification data of the portable data recording
medium [[security module]] is registered in the illegal unit revocation list, when executing
the mutual authentication protocol, and will not go through subsequent processes after
execution of the mutual authentication protocol if [[the checking result shows that]] the
portable data recording medium [[drive unit]] is [[a unit having to be]] revoked.

52. (Currently Amended) The method as set forth in Claim 34, wherein the illegal
unit revocation list includes [[has registered therein]] identification data of [[units having to
be]] revoked units [[and a unit registered in this list is taken as having to be revoked]].

53. (Currently Amended) The method as set forth in Claim 34, wherein the illegal
unit revocation list identifies units that have not been [[has registered therein identification
data of units having not to be revoked and a unit not registered in the list is taken as
having to be]] revoked.

54. (Currently Amended) The method as set forth in Claim 34, wherein the illegal 
unit revocation list includes: 

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

55. (Currently Amended) The method as set forth in Claim 34, wherein the illegal 
unit revocation list includes: 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

56. (Currently Amended) The method as set forth in Claim 34, wherein when
executing the mutual authentication protocol, the drive unit and the security module
execute a key sharing protocol using [[the]] public-key encryption technology, encrypt a
[[data encrypting]] content key with a shared key [[thus obtained]], and transfer [[send]] the
encrypted content key [[from one of them to the other]].

57. (Currently Amended) The method as set forth in Claim 34, wherein when
executing the mutual authentication protocol, the drive unit and the security module
execute a key sharing protocol using [[the]] public-key encryption technology, encrypt
data with a shared key [[thus obtained]], and transfer [[send]] the encrypted data [[from one of
them to the other]].

58. (Currently Amended) The method as set forth in Claim 34, wherein: 

the drive unit is to write data to the storage area of the portable data recording
medium [[recording medium proper]] via the interface unit;

the drive unit and the security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit encrypts a [[data encrypting]] content key with a shared key [[obtained
of the key sharing protocol]] and sends the encrypted [[data encrypting]] content key to the
security module; and

the security module decrypts the encrypted content key [[received from the drive
unit with the shared key obtained of the key sharing protocol]], re-encrypts the decrypted
content key with a save key stored therein and sends the re-encrypted content key to
the drive unit; and

the drive unit writes to the storage area of the portable data recording medium
[[proper via the interface unit]] the data encrypted with the content key and the content key
encrypted [[by the security module]] using the save key.

59. (Currently Amended) The method as set forth in Claim 34, wherein: 

the drive unit is to read data from the storage area [[recording medium proper]] via
the interface unit;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit reads the encrypted content key from the storage area [[recording
medium proper]] and sends the [[read]] content key to the security module;

the security module decrypts the encrypted content key received from the drive
unit with [[the]] a save key stored therein, re-encrypts the decrypted content key with the
shared key [[obtained of the key sharing protocol]] and sends the re-encrypted content key
to the drive unit; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key [[obtained of the key sharing protocol]], reads the content
key-encrypted data from the storage area [[recording medium proper]] and decrypts the [[read]]
data.

60. (Currently Amended) The method as set forth in Claim 34, wherein:

the drive unit is to write data to the storage area [[recording medium proper]] via the
interface unit;

the interface unit accesses the storage area [[recording medium proper]] via the
security module of the data recording medium;

the drive unit and the security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit sends to the security module a [[data encrypting]] content key [[and
having been]] encrypted with a shared key, [[obtained of the key sharing protocol]] and data
encrypted with the content key; and

the security module decrypts the encrypted content key received from the drive
unit with the shared key [[obtained through the execution of the key sharing protocol]] and
records to the storage area [[recording medium proper]] the content key re-encrypted with
a save key stored in the security module and data encrypted with the content key
received from the drive unit.

61. (Currently Amended) The method as set forth in Claim 34, wherein: 

the drive unit is to write data to the storage area [[recording medium proper]] via the
interface unit;

the drive [[interface]] unit accesses the storage area [[recording medium proper]] via
the security module of the portable data recording medium;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the drive unit encrypts data with a shared key [[obtained through the execution of
the key sharing protocol]] and sends the data thus encrypted to the security module; and

the security module decrypts the encrypted data received from the drive unit with
the shared key, encrypts the decrypted data and stores the encrypted data into the
storage area [[recording medium proper]].

62. (Currently Amended) The method as set forth in Claim 34, wherein: 

the drive unit is to read data from the storage area [[recording medium proper via
the interface unit]];

the drive [[interface]] unit accesses the storage area [[recording medium proper]] via
the security module of the portable data recording medium;

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the security module reads from the storage area [[recording medium proper]] an
encrypted content key and data encrypted with the content key, decrypts the encrypted
content key with a save key stored therein and sends to the drive unit the content key
re-encrypted with a shared key [[obtained through the execution of the key sharing
protocol]] and data encrypted with the content key read from the storage area [[recording
medium proper]]; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key [[obtained through the execution of the key sharing protocol]]
and decrypts the encrypted data with the content key.

63. (Currently Amended) The method as set forth in Claim 34, wherein: 

the drive unit is to read data from the storage area [[recording medium proper via
the interface unit]];

the drive [[interface]] unit accesses the storage area [[recording medium proper]] via
the security module [[of the data recording medium]];

the drive unit and security module execute a key sharing protocol using [[the]]
public-key encryption technology;

the security module reads data encrypted and stored in the portable data
recording medium, decrypts the encrypted data with the content key, re-encrypts the
decrypted data with a [[by the user of the]] shared key [[obtained through the execution of
the key sharing protocol]] and sends the re-encrypted data to the drive unit; and

the drive unit decrypts, with the shared key [[obtained through the execution of the
key sharing protocol]], the encrypted data received from the security module.

64. (Currently Amended) A drive unit [[which accesses a data recording medium
including a recording medium proper and a security module which executes a mutual
authentication protocol with the drive unit, the drive unit]] comprising:

[[a storage unit having self identification data stored therein;]]

a controller which executes [[the]] a mutual authentication protocol when
accessing [[the]] a portable data recording medium, the portable data recording medium
including a security module comprising a nonvolatile memory and a storage area
distinct from the security module; and

an interface unit which accesses the storage area [[recording medium proper]] of
the portable data recording medium.

[[wherein when executing the mutual authentication protocol, the controller sends
the identification data stored in the storage unit to the security module while receiving,
from the security module, the self identification data stored in the data recording
medium, to thereby check whether their counterpart's identification data are registered
in respective illegal unit revocation lists, and will not go through subsequent processes
after execution of the mutual authentication protocol if the checking result shows that
the drive unit is a one having to be revoked.]]

65. (Currently Amended) The drive unit as set forth in Claim 64, wherein the
mutual authentication protocol uses [[is a protocol using the]] public-key encryption
technology.

66. (Currently Amended) The drive unit as set forth in Claim 64, further
comprising a drive means for driving a disc serving as the storage area of the portable
[[as the recording medium proper of the data recording medium]].

67. (Currently Amended) The drive unit as set forth in Claim 64, wherein the
storage area is [[interface unit accesses]] a memory chip [[as the recording medium proper
of the recording medium]].

68. (Currently Amended) The drive unit as set forth in Claim [[75]] 64, wherein
the interface unit accesses the storage area directly [[the recording medium proper]]

69. (Currently Amended) The drive unit as set forth in Claim 64, wherein the
interface unit accesses the storage area [[data recording medium]] via the security module
[[of the data recording medium]].

70. (Canceled) 

71. (Currently Amended) The drive unit as set forth in Claim 64, wherein the drive
unit stores a revocation list of illegal recording media [[having the list stored in the
storage unit thereof]].

72. (Currently Amended) The drive unit as set forth in Claim [[75]] 64, wherein
the drive unit does not store a revocation list of illegal recording media [[having the list
not stored in the storage unit thereof]].

73. (Currently Amended) The drive unit as set forth in Claim [[75]] 64, wherein
[[there is executed a]] the mutual authentication protocol executes independently of
whether the drive unit or the portable data recording medium contains an illegal unit
revocation list [[corresponding to whether either or both of the security module and drive
unit itself holds the above respective lists or not]].

74. (Canceled) 

75. (Currently Amended) The drive unit as set forth in Claim 64, wherein: 

the drive unit stores [[therein]] a second version of [[the]] an illegal unit revocation
list and a second list version number; and

the drive unit transmits, when executing the mutual authentication protocol, the
second list version number to the portable data recording medium while receiving, from
the data recording medium, a first list version number corresponding to a first version of
the illegal unit revocation list stored by the portable [[that the]] data recording medium
[[stores therein]]; and

the portable data recording medium and the drive unit exchange the list with the
newer version number

[[if the second version is newer than the first version, the drive unit sends the
second version to the data recording medium; and]]

[[if the first version is newer than the second version, the drive unit updates the
second version with the first version received from the data recording medium]].

76. (Currently Amended) The drive unit as set forth in Claim 64, wherein:

the drive unit stores the second [[storage unit has stored therein the]] list version
number and the second version of the illegal unit revocation list itself; and

the controller transmits, when executing the mutual authentication protocol, the
second list version number [[stored in the storage unit]] to the security module while
receiving, from the security module, [[the]] a first list version number stored in the
portable the data recording medium; [[holds therein,]] and updates the second version of
the illegal unit revocation list with the first version if the first version is newer than the
second version [[writes, when its list is a new one, the list to the recording medium proper
of the data recording medium while reading, when its list is an old one, the list recorded
in the recording medium proper of the data recording medium, and updating its list with
the read list]].

77. (Currently Amended) The drive unit as set forth in Claim 64, wherein the drive
unit stores a second version of an illegal unit revocation list to authenticate the security
module and the security module stores a first version of the illegal unit revocation list to
authenticate the drive unit [[adapted to work with the security module in checking, using
their own new lists, whether or not their counterpart's identification data are registered in
their own lists, respectively]].

78. (Currently Amended) The drive unit as set forth in Claim 75, wherein the
portable data recording medium stores identification, and when executing the mutual
authentication protocol, the controller receives, from the security module, the
[[self identification]] identification data from the portable [[held in the]] data recording
medium, checks whether or not the identification data of the portable data recording
medium [[security module]] is registered in the illegal unit revocation list, and will not go
through subsequent processes after execution of the mutual authentication protocol if
the portable data recording medium is [[checking result shows that the drive unit is a unit
having to be]] revoked.

79. (Currently Amended) The drive unit as set forth in Claim [[64]] 75, wherein
the illegal unit revocation list includes identification data of revoked units [[has registered
therein identification data of units having to be revoked and the units registered in this
list are taken as having to be revoked]].

80. (Currently Amended) The drive unit as set forth in Claim [[64]] 75, wherein
the illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

81. (Currently Amended) The drive unit as set forth in Claim [[64]] 75, wherein
the illegal unit revocation list includes:

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

82. (Currently Amended) The drive unit as set forth in Claim 64, wherein the 
illegal unit revocation list includes: 






U.S. Application No.: 09/807,824 
Attorney Docket No.: 09812.0501-00 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.
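
The list handling of claims 75 and 79 to 82, as an added Python sketch that is not part of the application: the two sides compare version numbers, the newer list replaces the older one, and each identifier is then tested against the revocation and/or registration list. The class and function names and the sample identifiers are hypothetical, and checking that a received list is authentic is not recited in these claims and is not modelled.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple


@dataclass(frozen=True)
class UnitList:
    """One version of the illegal unit revocation list (hypothetical layout)."""
    version: int
    revoked: FrozenSet[str] = frozenset()        # revocation list (claim 79)
    registered: Optional[FrozenSet[str]] = None  # registration list (claim 80); None = not carried

    def is_revoked(self, unit_id: str) -> bool:
        # Claim 81: listed in the revocation list and/or absent from the registration list.
        listed = unit_id in self.revoked
        unregistered = self.registered is not None and unit_id not in self.registered
        return listed or unregistered


@dataclass
class Unit:
    unit_id: str
    lists: Optional[UnitList] = None  # None: this unit stores no list (claim 72)


def sync_lists(drive: Unit, medium: Unit) -> str:
    """Exchange version numbers, then hand the newer list to the other side (claim 75)."""
    drive_version = drive.lists.version if drive.lists else -1
    medium_version = medium.lists.version if medium.lists else -1
    if drive_version > medium_version:
        medium.lists = drive.lists
        return "drive->medium"
    if medium_version > drive_version:
        drive.lists = medium.lists
        return "medium->drive"
    return "none"


def authenticate(drive: Unit, medium: Unit) -> Tuple[bool, str]:
    """Return (proceed, reason); subsequent processes run only when proceed is True."""
    sync_lists(drive, medium)
    current = drive.lists  # after the exchange both sides hold the same version, or none
    if current is None:
        # Assumption of this sketch: with no list on either side there is nothing to check.
        return True, "no list held by either unit"
    if current.is_revoked(medium.unit_id):
        return False, "medium revoked"
    if current.is_revoked(drive.unit_id):
        return False, "drive revoked"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: the medium carries a newer list that names the drive.
    drive = Unit("DRV-0017", UnitList(3))
    medium = Unit("MED-0042", UnitList(5, revoked=frozenset({"DRV-0017"})))
    print(authenticate(drive, medium), drive.lists.version)
```

Because the exchange happens before the check, a drive holding a stale list is judged against the newer list carried by the medium.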

83. (Currently Amended) The drive unit as set forth in Claim 64, wherein
[[adapted to work with the security module]], when executing the mutual authentication
protocol, the drive unit and the security module execute [[in executing]] a key sharing
protocol using the public-key encryption technology, encrypt a [[data encrypting]] content
key with a shared key [[thus obtained]], and transfer [[send]] the encrypted content key
[[from one of the drive unit and security module to the other]].

84. (Currently Amended) The drive unit as set forth in Claim 64, wherein [[adapted
to work with the security module]], when executing the mutual authentication protocol the
drive unit and the security module execute [[, in executing]] a key sharing protocol using
the public-key encryption technology, encrypt data with a shared key [[thus obtained]], and
transfer [[send]] the encrypted data [[from one of the drive unit and security module to the
other]].

85. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to write
data to the recording medium proper via the interface unit,]] wherein:

the drive unit is to write data to the storage area of the portable data recording
medium via the interface unit;

the drive unit and the security module execute a key sharing protocol using
public-key encryption technology;

the drive unit encrypts a content key with a shared key and sends the encrypted
content key to the security module;

the security module decrypts the encrypted content key, re-encrypts the
decrypted content key with a save key stored therein and sends the re-encrypted
content key to the drive unit; and

the drive unit writes to the storage area of the portable data recording medium
the data encrypted with the content key and the content key encrypted by the save key.

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[the data content key is encrypted with the shared key obtained through the
execution of the key sharing protocol and the encrypted data content key is sent to the
security module;]]

[[the security module decrypts the encrypted content key with the shared key
obtained through the execution of the key sharing protocol, and receives data
re-encrypted with the content key decrypted with save key stored therein; and]]

[[the data encrypted with the content key and the content key encrypted by the
security module using the save key are recorded to the recording medium proper via the
interface unit.]]

86. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to read
encrypted data from the recording medium proper via the interface unit,]] wherein:

the drive unit is to read data from the storage area via the interface unit;

the drive unit and security module execute a key sharing protocol using
public-key encryption technology;

the drive unit reads the encrypted content key from the storage area and sends
the content key to the security module;

the security module decrypts the encrypted content key received from the drive
unit with a save key stored therein, re-encrypts the decrypted content key with the
shared key and sends the re-encrypted content key to the drive unit; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key, reads the content key-encrypted data from the storage
area and decrypts the data.

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[the encrypted content key is read from the recording medium proper and the
read content key is sent to the security module; and]]

[[the security module decrypts the encrypted content key with the shared key
obtained through the execution of the key sharing protocol and receives data
re-encrypted with the content key decrypted with the shared key obtained through the
execution of the key sharing protocol; and]]

[[the encrypted content key received from the security module is decrypted with
the shared key obtained through the execution of the key sharing protocol, the data
encrypted with the content key is read from the recording medium proper and
decrypted.]]

87. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to
record data to the recording medium proper via the interface unit,]] wherein:

the drive unit is to write data to the storage area via the interface unit;

the interface unit accesses the storage area via the security module of the data
recording medium;

the drive unit and the security module execute a key sharing protocol using
public-key encryption technology;

the drive unit sends to the security module a content key encrypted with a shared
key, and data encrypted with the content key; and

the security module decrypts the encrypted content key received from the drive
unit with the shared key and records to the storage area the content key re-encrypted
with a save key stored in the security module and data encrypted with the content key
received from the drive unit.

[[the interface unit accesses the recording medium proper via the security module
of the data recording medium;]]

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[the data content key encrypted with the shared key obtained through the
execution of the key sharing protocol and data encrypted with the content key are sent
to the security module; and]]

[[the security module decrypts the encrypted content key with the shared key
obtained through the execution of the key sharing protocol and writes to the recording
medium proper the content key re-encrypted with the save key stored in the security
module and data encrypted with the content key.]]

88. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to write
data to the recording medium proper via the interface unit,]] wherein

the drive unit is to write data to the storage area via the interface unit;

the interface unit accesses the storage area via the security module of the
portable data recording medium;

the drive unit and security module execute a key sharing protocol using
public-key encryption technology;

the drive unit encrypts data with a shared key and sends the data thus encrypted
to the security module; and

the security module decrypts the encrypted data received from the drive unit with
the shared key, encrypts the decrypted data and stores the encrypted data into the
storage area.

[[the interface unit accesses the recording medium proper via the security module
of the data recording medium;]]

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[data is encrypted with the shared key obtained through the execution of the key
sharing protocol and sent to the security module; and]]

[[the security module decrypts the encrypted data with the shared key, encrypts
the decrypted data with the content key and stores the encrypted data to the recording
medium proper.]]

89. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to read
data from the recording medium proper via the interface unit,]] wherein:

the drive unit is to read data from the storage area via the interface unit;

the interface unit accesses the storage area via the security module of the
portable data recording medium;

the drive unit and security module execute a key sharing protocol using
public-key encryption technology;

the security module reads from the storage area an encrypted content key and
data encrypted with the content key, decrypts the encrypted content key with a save key
stored therein and sends to the drive unit the content key re-encrypted with a shared
key and data encrypted with the content key read from the storage area; and

the drive unit decrypts the encrypted content key received from the security
module with the shared key and decrypts the encrypted data with the content key.

[[the interface unit accesses the recording medium proper via the security module
of the data recording medium;]]

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[the security module reads from the recording medium proper the encrypted
content key and data encrypted with the content key, decrypts the encrypted content
key with the save key stored therein and receives the content key re-encrypted with the
shared key obtained through the execution of the key sharing protocol and data
encrypted with the content key read from the recording medium proper; and]]

[[the encrypted content key received from the security module is decrypted with
the shared key obtained through the execution of the key sharing protocol and the
encrypted data is decrypted with the content key.]]

90. (Currently Amended) The drive unit as set forth in Claim 64, [[destined to read
data from the recording medium proper via the interface unit,]] wherein:

the drive unit is to read data from the storage area via the interface unit;

the interface unit accesses the storage area via the security module;

the drive unit and security module execute a key sharing protocol using
public-key encryption technology;

the security module reads data encrypted and stored in the portable data
recording medium, decrypts the encrypted data with the content key, re-encrypts the
decrypted data with a shared key and sends the re-encrypted data to the drive unit; and

the drive unit decrypts, with the shared key, the encrypted data received from the
security module.

[[the interface unit accesses the recording medium proper via the security module
of the data recording medium;]]

[[a protocol for key sharing with the security module is executed using the public
key encryption technology;]]

[[the security module reads data encrypted and stored in the data recording
medium, decrypts the encrypted data with the content key, receives data resulted from
re-encryption of the decrypted data with the shared key obtained through the execution
of the key sharing protocol; and]]

[[the encrypted data received from the security module is decrypted with the
shared key obtained through the execution of the key sharing protocol.]]
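
The write and read flows of claims 85 and 86, as an added Python sketch that is not part of the application. X25519 stands in for the unspecified key sharing protocol and an HMAC-SHA-256 construction stands in for the unspecified cipher; the class names, the dict used as the storage area, and the omission of the mutual authentication step are assumptions of the sketch.

```python
import hashlib
import hmac
import secrets

P = 2**255 - 19
BASE = (9).to_bytes(32, "little")


def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 X25519 ladder (variable-time Python, for illustration only)."""
    clamped = bytearray(k)
    clamped[0] &= 248
    clamped[31] = (clamped[31] & 127) | 64
    scalar = int.from_bytes(clamped, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (scalar >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for a real authenticated cipher."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))


class SecurityModule:
    def __init__(self):
        self._save_key = secrets.token_bytes(32)  # stays inside the module
        self._priv = secrets.token_bytes(32)
        self.pub = x25519(self._priv, BASE)
        self._shared = b""

    def key_share(self, drive_pub: bytes) -> bytes:
        self._shared = hashlib.sha256(x25519(self._priv, drive_pub)).digest()
        return self.pub

    def wrap_for_storage(self, kc_under_shared: bytes) -> bytes:
        # Claim 85: decrypt with the shared key, re-encrypt with the save key.
        return seal(self._save_key, unseal(self._shared, kc_under_shared))

    def unwrap_for_drive(self, kc_under_save: bytes) -> bytes:
        # Claim 86: decrypt with the save key, re-encrypt with the shared key.
        return seal(self._shared, unseal(self._save_key, kc_under_save))


class Drive:
    def __init__(self):
        self._priv = secrets.token_bytes(32)
        self.pub = x25519(self._priv, BASE)
        self._shared = b""

    def key_share(self, module: SecurityModule) -> None:
        self._shared = hashlib.sha256(x25519(self._priv, module.key_share(self.pub))).digest()

    def write(self, module: SecurityModule, storage: dict, data: bytes) -> None:
        kc = secrets.token_bytes(32)  # content key
        storage["key"] = module.wrap_for_storage(seal(self._shared, kc))
        storage["data"] = seal(kc, data)

    def read(self, module: SecurityModule, storage: dict) -> bytes:
        kc = unseal(self._shared, module.unwrap_for_drive(storage["key"]))
        return unseal(kc, storage["data"])


if __name__ == "__main__":
    module, drive, area = SecurityModule(), Drive(), {}
    drive.key_share(module)
    drive.write(module, area, b"constructed sample payload")
    print(drive.read(module, area))
```

The storage area only ever holds the content key under the save key, so a storage area copied onto a medium with a different security module cannot be unwrapped there.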

91-114. (Canceled) 

115. (Withdrawn) A data recording medium having a data recording area, 
comprising: 

a security module having an interface function for interfacing with an external 
unit, a random number generating function, a data storing function, and a calculating 
function to provide a necessary calculation for mutual authentication protocol using the 
public-key encryption technology; and 

a recording medium proper having the data recording area. 

116. (Withdrawn) The data recording medium as set forth in Claim 115, wherein 
the security module further includes an interface function to access the data recording 
medium proper. 

117. (Withdrawn) An access method for access to a data recording medium 
having a data recording area, the method comprising steps of: 

connecting to an external unit; 

generating a random number and sending it to the external unit; 

making, using data received from the external unit and stored data, a necessary 
calculation for a protocol, for mutual authentication with the external unit, using the 
public-key encryption technology; 

executing the mutual authentication mutual authentication protocol with the
external unit; and

accessing a recording medium proper, in which data is to be recorded, of the
data recording medium according to the result of the mutual authentication protocol
execution.

118. (Withdrawn) A recording medium producing apparatus for producing a data 
recording medium, comprising: 

a recording unit to record an illegal unit revocation list to the data recording 
medium which includes a recording medium proper in which data is to be recorded and 
a security module which executes a mutual authentication mutual authentication 
protocol with a drive unit which accesses the recording medium proper of the data 
recording medium. 

119. (Withdrawn) The unit as set forth in Claim 118, further comprising an 
assembling unit to assemble the data recording medium including the security module 
and recording medium proper. 

120. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit 
records the list into the security module. 

121. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit 
records the list version number and the list itself into the security module. 

122. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit 
records the list in the recording medium proper. 

123. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit
records the list version number into the security module and the list itself in the
recording medium proper.

124. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit
records, into the security module, the identification data of the data recording medium,
private key and public key certificates which are to be used in the public key encryption
technology given in the data recording medium, and the list version number.

125. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit 
further comprises means for storing the list which is to be recorded to the data recording 
medium. 

126. (Withdrawn) The unit as set forth in Claim 118, wherein the recording unit 
further comprises an interface through which the list to be recorded into the data 
recording medium is acquired. 

127. (Withdrawn) The unit as set forth in Claim 118, wherein the list is composed 
of a revocation list having registered therein identification data of units having to be 
revoked and/or a registration list having registered therein identification data of units 
having not to be revoked. 

128. (Withdrawn) A recording medium producing method for producing a data 
recording medium, comprising a step of: 

recording an illegal unit revocation list to the data recording medium which 
includes a recording medium proper in which data is to be recorded and a security 
module which executes a mutual authentication mutual authentication protocol with a 
drive unit which accesses the recording medium proper of the data recording medium. 

129. (Withdrawn) The method as set forth in Claim 128, in which the data
recording medium including the security module and recording medium proper is
assembled.

130. (Withdrawn) The method as set forth in Claim 128, wherein the list is
recorded into the security module.

131. (Withdrawn) The method as set forth in Claim 128, wherein the list version 
number and the list itself are recorded into the security module. 

132. (Withdrawn) The method as set forth in Claim 128, wherein the list is 
recorded to the recording medium proper. 

133. (Withdrawn) The method as set forth in Claim 128, wherein the list version 
number is recorded into the security module while the list itself is recorded to the 
recording medium proper. 

134. (Withdrawn) The method as set forth in Claim 128, wherein the identification 
data of the data recording medium, private and public key certificates which are to be 
used in the public-key encryption technology given in the data recording medium, and 
the list are recorded into the security module. 

135. (Withdrawn) The method as set forth in Claim 128, wherein the list is stored 
into the data recording medium. 

136. (Withdrawn) The method as set forth in Claim 128, wherein the list to be 
recorded into the data recording medium is acquired from outside. 

137. (Withdrawn) The method as set forth in Claim 128, wherein the list is 
composed of a revocation list having registered therein units having to be revoked 
and/or a registration list having registered therein units having not to be revoked. 

138. (Currently Amended) The system as set forth in Claim 20, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

139. (Currently Amended) The system as set forth in claim 21, wherein the illegal
unit revocation list includes [[has registered therein]] identification data of [[units having to
be]] revoked units [[and a unit registered in this list is taken as having to be revoked]].

140. (Currently Amended) The system as set forth in Claim 20, wherein the
illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

141. (Currently Amended) The system as set forth in Claim 21, wherein the
illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

142. (Currently Amended) The system as set forth in Claim 20, wherein the
illegal unit revocation list includes:

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

143. (Currently Amended) The system as set forth in Claim 21, wherein the
illegal unit revocation list includes:

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

144. (Currently Amended) The system as set forth in Claim 20, wherein the 
illegal unit revocation list includes: 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

145. (Currently Amended) The system as set forth in Claim 21, wherein the
illegal unit revocation list includes:

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

146. (Currently Amended) The method as set forth in Claim 50, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

147. (Currently Amended) The method as set forth in Claim 51, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

148. (Currently Amended) The method as set forth in Claim 50, wherein the
illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

149. (Currently Amended) The method as set forth in Claim 51, wherein the
illegal unit revocation list identifies units that have not been [[has registered therein
identification data of units having not to be revoked and a unit not registered in the list is
taken as having to be]] revoked.

150. (Currently Amended) The method as set forth in Claim 50, wherein the 
illegal unit revocation list includes:

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

151. (Currently Amended) The method as set forth in Claim 51, wherein the 
illegal unit revocation list includes: 

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

152. (Currently Amended) The method as set forth in Claim 50, wherein the 
illegal unit revocation list includes: 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

153. (Currently Amended) The method as set forth in Claim 51, wherein the
illegal unit revocation list includes:

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

154. (Currently Amended) The drive unit as set forth in Claim 78, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

155. (Currently Amended) The drive unit as set forth in Claim 78, wherein the
illegal unit revocation list includes [[has registered therein]] identification data of [[units
having to be]] revoked units [[and a unit registered in this list is taken as having to be
revoked]].

156. (Currently Amended) The drive unit as set forth in Claim 78, wherein the 
illegal unit revocation list includes: 

U.S. Application No.: 09/807,824 
Attorney Docket No.: 09812.0501-00 

a revocation list identifying [[having registered therein identification data of]]
revoked units [[having to be revoked]]; and

a registration list identifying [[having registered therein identification data of]] units
that have not been [[having not to be]] revoked,[[;]]

wherein units identified by the [[a unit registered in the]] revocation list and/or and
units not identified by the [[not registered in the]] registration list [[being taken as having to
be]] are considered revoked.

157. (Currently Amended) The drive unit as set forth in Claim 78, wherein the 
illegal unit revocation list includes: 

a revocation list indicating revoked units [[having registered therein identification
data of units having to be revoked]]; and

a registration list indicating units that have not been [[having registered therein
identification data of units having not to be]] revoked,[[;]]

wherein one or more of [[either of]] the revocation and registration lists [[being
selected to judge whether or not a unit in consideration]] is used to determine whether a
unit is considered revoked.

158-161. (Canceled) 

162. (Withdrawn) A storage apparatus for storing information retrieved by an 
information processing apparatus, the storage apparatus comprising: 
a storage section for storing a first revoked unit list; 

a receiving section for receiving a second revoked unit list from the information 
processing apparatus; and

a judging section for judging whether the information processing apparatus is
revoked or not based on the first revoked unit list; 

wherein if the information processing apparatus is revoked, the first revoked unit 
list is maintained, and if the information processing apparatus is not revoked, the first 
revoked unit list is replaced with the second revoked unit list. 

163. (Withdrawn) The storage apparatus as set forth in Claim 162, further 
comprising a receiving section for receiving ID information from the information 
processing apparatus. 

164. (Withdrawn) The storage apparatus as set forth in Claim 163, wherein the 
ID information includes a key for the information processing apparatus. 

165. (Withdrawn) The storage apparatus as set forth in Claim 164, wherein a 
digital certification includes the key. 

166. (Withdrawn) The storage apparatus as set forth in Claim 162, wherein the 
judging section judges whether the information processing apparatus is on the first 
revoked unit list. 

167. (Withdrawn) The storage apparatus as set forth in Claim 162, further 
comprising: 

a comparing section for comparing the first revoked unit list with the second 
revoked unit list; and 

a second judging section for judging which revoked unit list is newer.

168. (Withdrawn) The storage apparatus as set forth in Claim 167, further 
comprising:

a transmitting section for transmitting the first revoked unit list to the information
processing apparatus.

169. (Withdrawn) The storage apparatus as set forth in Claim 167, wherein the 
second judging section compares the respective version information attached with each 
revoked unit list. 

170. (Withdrawn) The storage apparatus as set forth in Claim 162, further 
comprising: 

a second receiving section for receiving a private key from the information
processing apparatus;

a second storage section for storing a public key; and

a judging section for judging whether the private key and the public key
correspond.

171. (Withdrawn) The storage apparatus as set forth in Claim 170, wherein if the 
information processing apparatus is revoked or the private key does not relate to the 
public key, the first revoked unit list is maintained, and if the information processing 
apparatus is not revoked and the private key relates to the public key, the first revoked 
unit list is replaced with the second revoked unit list. 

172. (Withdrawn) The storage apparatus as set forth in Claim 171, wherein if the
first revoked unit list is maintained and the information processing apparatus is not 
revoked, the first revoked unit list is transmitted to the information processing apparatus. 

173. (Withdrawn) The storage apparatus as set forth in Claim 162, wherein the 
storage section comprises: 

a revoked unit list storage section for storing the first revoked unit list; and

a content storage section for storing content.

174. (Withdrawn) The storage apparatus as set forth in Claim 173, wherein the 
revoked unit list storage section is more secure than the content storage section. 

175. (Withdrawn) The storage apparatus according to claim 162, wherein the first 
revoked unit list indicates at least one information processing apparatus whose private 
key has been revealed. 

176. (Withdrawn) The storage apparatus according to claim 162, wherein the 
storage apparatus and the information processing apparatus share a common private 
key. 

177. (Withdrawn) An information processing apparatus for retrieving information 
from a storage apparatus, comprising: 

a storage section for storing a second revoked unit list; 
a receiving section for receiving a first revoked unit list from the storage 
apparatus; and 

a judging section for judging whether the storage apparatus is revoked or not
based on the second revoked unit list; 

wherein if the storage apparatus is revoked, the second revoked unit list is 
maintained, and if the storage apparatus is not revoked, the second revoked unit list is 
replaced with the first revoked unit list. 

178. (Withdrawn) The information processing apparatus as set forth in Claim 
177, further comprising a receiving section for receiving ID information from the storage 
apparatus.

179. (Withdrawn) The information processing apparatus as set forth in Claim
178, wherein the ID information includes a key for the storage apparatus.

180. (Withdrawn) The information processing apparatus as set forth in Claim
179, wherein a digital certification includes the key.

181. (Withdrawn) The information processing apparatus as set forth in Claim 
177, wherein the judging section judges whether the storage apparatus is on the second 
revoked unit list. 

182. (Withdrawn) The information processing apparatus as set forth in Claim 
177, further comprising: 

a comparing section for comparing the first revoked unit list with the second 
revoked unit list; and 

a second judging section for judging which revoked unit list is newer.

183. (Withdrawn) The information processing apparatus as set forth in Claim 
182, further comprising a transmitting section for transmitting the second revoked unit 
list to the storage apparatus. 

184. (Withdrawn) The information processing apparatus as set forth in Claim 
182, wherein the second judging section compares the respective version information 
attached with each revoked unit list. 

185. (Withdrawn) The information processing apparatus as set forth in Claim 
177, further comprising:

a second receiving section for receiving a private key from the storage 
apparatus; 

a second storage section for storing a public key; and

a judging section for judging whether the private key and the public key
correspond.

186. (Withdrawn) The information processing apparatus as set forth in Claim
185, wherein if the storage apparatus is revoked or the private key does not relate to the
public key, the second revoked unit list is maintained, and if the storage apparatus is not 
revoked and the private key relates to the public key, the second revoked unit list is 
replaced with the first revoked unit list. 

187. (Withdrawn) The information processing apparatus as set forth in Claim
186, wherein if the second revoked unit list is maintained and the storage apparatus is
not revoked, the second revoked unit list is transmitted to the storage apparatus. 

188. (Withdrawn) The information processing apparatus as set forth in Claim 
177, wherein the storage section comprises: 

a revoked unit list storage section for storing the second revoked unit list; and 
a content storage section for storing content. 

189. (Withdrawn) The information processing apparatus as set forth in Claim 
188, wherein the revoked unit list storage section is more secure than the content 
storage section. 

190. (Withdrawn) The information processing apparatus as set forth in Claim 
177, further comprising a playing back section for playing back information retrieved 
from the storage apparatus. 

191. (Withdrawn) The information processing apparatus according to claim 177, 
wherein the second revoked unit list indicates at least one storage apparatus whose 
private key has been revealed.

192. (Withdrawn) The storage apparatus according to claim 177, wherein the
storage apparatus and the information processing apparatus share a common private 
key. 

193. (Withdrawn) A system comprising an information processing apparatus and 
a storage apparatus, the information processing apparatus comprising: 

a storage section for storing a second revoked unit list; 
a receiving section for receiving a first revoked unit list from the storage 
apparatus; and 

a judging section for judging whether the storage apparatus is revoked or not
based on the second revoked unit list; 

wherein if the storage apparatus is revoked, the second revoked unit list is 
maintained in the information processing apparatus, and if the storage apparatus is not 
revoked, the second revoked unit list is replaced with the first revoked unit list in the 
information processing apparatus; and 

the storage apparatus comprising: 

a storage section for storing the first revoked unit list; 

a receiving section for receiving the second revoked unit list from the information 
processing apparatus; and 

a judging section for judging whether the information processing apparatus is
revoked or not based on the first revoked unit list; 

wherein if the information processing apparatus is revoked, the first revoked unit 
list is maintained in the storage apparatus, and if the information processing apparatus
is not revoked, the first revoked unit list is replaced with the second revoked unit list in
the storage apparatus.

194. (Withdrawn) The system as set forth in Claim 193, the information 
processing apparatus further comprising a receiving section for receiving ID information 
from the storage apparatus. 

195. (Withdrawn) The system as set forth in Claim 194, wherein the ID 
information is a key for the storage apparatus. 

196. (Withdrawn) The system as set forth in Claim 195, wherein a digital 
certification includes the key. 

197. (Withdrawn) The system as set forth in Claim 193, wherein the judging 
section for judging whether the storage apparatus is revoked judges whether the
storage apparatus is on the second revoked unit list. 

198. (Withdrawn) The system as set forth in Claim 193, the information 
processing apparatus further comprising: 

a comparing section for comparing the first revoked unit list with the second 
revoked unit list; and 

a second judging section for judging which revoked unit list is newer.

199. (Withdrawn) The system as set forth in Claim 198, the information 
processing apparatus further comprising a transmitting section for transmitting the 
second revoked unit list to the storage apparatus. 

200. (Withdrawn) The system as set forth in claim 198, wherein the second 
judging section compares the respective version information attached with each 
revoked unit list.

201. (Withdrawn) The system as set forth in Claim 193, the information
processing apparatus further comprising: 

a second receiving section for receiving a private key from the storage 
apparatus; 

a second storage section for storing a public key; and 
a judging section for judging whether the private key and the public key
correspond. 

202. (Withdrawn) The system as set forth in Claim 201, wherein if the storage
apparatus is revoked or the private key does not relate to the public key, the second 
revoked unit list is maintained, and if the storage apparatus is not revoked and the 
private key relates to the public key, the second revoked unit list is replaced with the 
first revoked unit list. 

203. (Withdrawn) The system as set forth in Claim 202, wherein if the second 
revoked unit list is maintained and the storage apparatus is not revoked, the second 
revoked unit list is transmitted to the storage apparatus. 
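The exchange recited in claims 193, 197, 198, 200 and 203, sketched as an added Python example that is not part of the filed claims. It assumes string unit IDs, integer version numbers, and that a list is replaced only when the peer's copy is newer; every class, function and sample value is hypothetical.

```python
from dataclasses import dataclass
from enum import Enum
from typing import FrozenSet, Tuple


class Outcome(Enum):
    PEER_REVOKED = "peer revoked; own list maintained"
    REPLACED = "peer not revoked; own list replaced with peer's newer list"
    MAINTAINED_SEND_OWN = "peer not revoked; own list maintained and sent to peer"


@dataclass(frozen=True)
class RevokedUnitList:
    version: int                  # version information attached to the list (assumed integer)
    revoked_ids: FrozenSet[str]   # IDs of revoked units (assumed string IDs)


@dataclass
class Unit:
    """Either side of the exchange: storage apparatus or information processing apparatus."""
    unit_id: str
    stored: RevokedUnitList

    def judge_and_update(self, peer_id: str, peer_list: RevokedUnitList) -> Outcome:
        # Judge the peer against the list this unit already holds, before
        # anything received from the peer is allowed to change it.
        if peer_id in self.stored.revoked_ids:
            return Outcome.PEER_REVOKED
        # Compare version information to decide which list is newer.
        if peer_list.version > self.stored.version:
            self.stored = peer_list
            return Outcome.REPLACED
        # Own list is at least as new: keep it and offer it to the peer.
        return Outcome.MAINTAINED_SEND_OWN


def exchange(host: Unit, storage: Unit) -> Tuple[Outcome, Outcome]:
    """Run both judgements on the lists as they stood at the start of the exchange."""
    host_list, storage_list = host.stored, storage.stored
    return (host.judge_and_update(storage.unit_id, storage_list),
            storage.judge_and_update(host.unit_id, host_list))


def demo():
    # Constructed sample data, not taken from the application.
    old = RevokedUnitList(version=1, revoked_ids=frozenset())
    new = RevokedUnitList(version=3, revoked_ids=frozenset({"drive-X"}))
    card = Unit("card-1", old)
    results = [exchange(Unit("player-A", new), card)]   # card picks up version 3
    rogue = Unit("drive-X", old)
    results.append(exchange(rogue, card))                # card now refuses drive-X
    return results, card.stored.version, rogue.stored.version


if __name__ == "__main__":
    for pair in demo()[0]:
        print([outcome.name for outcome in pair])
```

The second exchange shows the propagation effect: a storage unit that picked up the newer list from one compliant host refuses a revoked drive on the next connection, even though that drive still carries the old list.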

204. (Withdrawn) The system as set forth in Claim 193, wherein the storage 
section for storing the second revoked unit list comprises: 

a revoked unit list storage section for storing the second revoked unit list; and 
a content storage section for storing content. 

205. (Withdrawn) The system as set forth in Claim 204, wherein the revoked unit 
list storage section is more secure than the content storage section.

206. (Withdrawn) The system set forth in Claim 193, the information processing
apparatus further comprising a playing back section for playing back information 
retrieved from the storage apparatus. 

207. (Withdrawn) The system according to claim 193, wherein the second 
revoked unit list indicates at least one storage apparatus whose private key has been 
revealed. 

208. (Withdrawn) The system according to claim 193, wherein the storage 
apparatus and the information processing apparatus share a common private key. 

209. (Withdrawn) A method for retrieving information from a storage apparatus, 
comprising: 

storing a second revoked unit list; 

receiving a first revoked unit list from the storage apparatus; and 
judging whether the storage apparatus is revoked or not based on the second 
revoked unit list; 

wherein if the storage apparatus is revoked, the second revoked unit list is 
maintained, and if the storage apparatus is not revoked, the second revoked unit list is 
replaced with the first revoked unit list. 

210. (Withdrawn) The method as set forth in Claim 209, further comprising 
receiving ID information from the storage apparatus. 

211. (Withdrawn) The method as set forth in Claim 210, wherein the ID 
information includes a key for the storage apparatus. 

212. (Withdrawn) The method as set forth in Claim 211, wherein a digital
certification includes the key.

213. (Withdrawn) The method as set forth in Claim 209, wherein judging whether
the storage apparatus is revoked includes judging whether the storage apparatus is on 
the second revoked unit list. 

214. (Withdrawn) The method as set forth in Claim 209, further comprising: 
comparing the first revoked unit list with the second revoked unit list; and 
judging which revoked unit list is newer. 

215. (Withdrawn) The method as set forth in Claim 214, further comprising 
transmitting the second revoked unit list to the storage apparatus. 

216. (Withdrawn) The method as set forth in claim 214, further comprising 
comparing the respective version information attached with each revoked unit list. 

217. (Withdrawn) The method as set forth in Claim 209, further comprising: 
receiving a private key from the storage apparatus; 

storing a public key; and 

judging whether the private key and the public key correspond. 

218. (Withdrawn) The method as set forth in Claim 217, wherein if the storage 
apparatus is revoked or the private key does not relate to the public key, the second 
revoked unit list is maintained, and if the storage apparatus is not revoked and the 
private key relates to the public key, the second revoked unit list is replaced with the 
first revoked unit list. 

219. (Withdrawn) The method as set forth in Claim 218, wherein if the second 
revoked unit list is maintained and the storage apparatus is not revoked, the second 
revoked unit list is transmitted to the storage apparatus.

220. (Withdrawn) The method as set forth in Claim 209, further comprising
storing content. 

221. (Withdrawn) The method as set forth in Claim 220, wherein the revoked unit 
list is stored more securely than the content. 

222. (Withdrawn) The method set forth in Claim 209, further comprising playing 
back information retrieved from the storage apparatus. 

223. (Withdrawn) The method according to claim 209, wherein second revoked 
unit list indicates at least one storage apparatus whose private key has been revealed. 

224. (Withdrawn) The method according to claim 209, wherein the storage 
apparatus and the information processing apparatus share a common private key.